260931
|
- |
|
zeus
|
zeus_web_server
|
Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0363
|
2010-02-2 14:00 |
2010-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260932
|
- |
|
zabbix
|
zabbix
|
SQL injection vulnerability in the get_history_lastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted reque…
|
CWE-89
SQL Injection
|
CVE-2009-4499
|
2010-02-2 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260933
|
- |
|
mozilla
|
seamonkey thunderbird
|
Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other applications, performs DNS prefetching even when the app type is APP_TYPE_MAIL or APP_TYPE_EDITOR, which makes it easier for remote a…
|
CWE-200
Information Exposure
|
CVE-2009-4629
|
2010-02-2 14:00 |
2010-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260934
|
- |
|
cisco
|
unified_meetingplace
|
Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) a…
|
NVD-CWE-noinfo
|
CVE-2010-0140
|
2010-01-31 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260935
|
- |
|
cisco
|
unified_meetingplace
|
Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml
Affected Products
Vulnerable Products
Cisco Unified MeetingPlace versions 5, 6, and 7 are each affec…
|
NVD-CWE-noinfo
|
CVE-2010-0140
|
2010-01-31 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260936
|
- |
|
cisco
|
unified_meetingplace
|
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0142
|
2010-01-31 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260937
|
- |
|
cisco
|
unified_meetingplace
|
Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml
Affected Products
Vulnerable Products
Cisco Unified MeetingPlace versions 5, 6, and 7 are each affec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0142
|
2010-01-31 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260938
|
- |
|
sun
|
java_system_application_server
|
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credential…
|
CWE-16
Configuration
|
CVE-2010-0386
|
2010-01-31 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260939
|
- |
|
sun
|
java_system_application_server
|
Per: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200942-1
Contributing Factors
This issue can occur in the following releases:
* Sun Java System Application Server Standar…
|
CWE-16
Configuration
|
CVE-2010-0386
|
2010-01-31 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260940
|
- |
|
sun
|
java_system_web_server
|
The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method to…
|
NVD-CWE-Other
|
CVE-2010-0389
|
2010-01-31 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|